From 84a414fe534ebb60c8e7396c245486be521e2a11 Mon Sep 17 00:00:00 2001
From: Eric Maziade <eric.maziade@novisoft.com>
Date: Fri, 5 Jun 2015 11:50:37 -0400
Subject: Add session expiration delay configuration through UI application
 settings

---
 config/initializers/1_settings.rb    | 1 +
 config/initializers/session_store.rb | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

(limited to 'config')

diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index c234bd69e9a..9b39dff046e 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -128,6 +128,7 @@ Settings.gitlab['issue_closing_pattern'] = '((?:[Cc]los(?:e[sd]?|ing)|[Ff]ix(?:e
 Settings.gitlab['default_projects_features'] ||= {}
 Settings.gitlab['webhook_timeout'] ||= 10
 Settings.gitlab['max_attachment_size'] ||= 10
+Settings.gitlab['session_expire_seconds'] ||= 604800
 Settings.gitlab.default_projects_features['issues']         = true if Settings.gitlab.default_projects_features['issues'].nil?
 Settings.gitlab.default_projects_features['merge_requests'] = true if Settings.gitlab.default_projects_features['merge_requests'].nil?
 Settings.gitlab.default_projects_features['wiki']           = true if Settings.gitlab.default_projects_features['wiki'].nil?
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index b2d59f1c4b7..1603f7561cd 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -6,6 +6,6 @@ Gitlab::Application.config.session_store(
   key: '_gitlab_session',
   secure: Gitlab.config.gitlab.https,
   httponly: true,
-  expire_after: 1.week,
+  expire_after: ActiveRecord::Base.connected? && ActiveRecord::Base.connection.table_exists?('application_settings') ? ApplicationSetting.current.session_expire_seconds : Settings.gitlab['session_expire_seconds'],
   path: (Rails.application.config.relative_url_root.nil?) ? '/' : Rails.application.config.relative_url_root
 )
-- 
cgit v1.2.3


From 1d080f57454fda46eb60700a8693cb968e6d557f Mon Sep 17 00:00:00 2001
From: themaze75 <maze@novisoft.com>
Date: Fri, 5 Jun 2015 17:16:32 +0000
Subject: session_expire_seconds => session_expire_delay delay is in seconds
 more legible code in session_store Added `GitLab restart required` help block
 to session_expire_delay

---
 config/initializers/1_settings.rb    | 2 +-
 config/initializers/session_store.rb | 8 ++++++--
 2 files changed, 7 insertions(+), 3 deletions(-)

(limited to 'config')

diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index 9b39dff046e..f050a7ea1a5 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -128,7 +128,7 @@ Settings.gitlab['issue_closing_pattern'] = '((?:[Cc]los(?:e[sd]?|ing)|[Ff]ix(?:e
 Settings.gitlab['default_projects_features'] ||= {}
 Settings.gitlab['webhook_timeout'] ||= 10
 Settings.gitlab['max_attachment_size'] ||= 10
-Settings.gitlab['session_expire_seconds'] ||= 604800
+Settings.gitlab['session_expire_delay'] ||= 10080
 Settings.gitlab.default_projects_features['issues']         = true if Settings.gitlab.default_projects_features['issues'].nil?
 Settings.gitlab.default_projects_features['merge_requests'] = true if Settings.gitlab.default_projects_features['merge_requests'].nil?
 Settings.gitlab.default_projects_features['wiki']           = true if Settings.gitlab.default_projects_features['wiki'].nil?
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index 1603f7561cd..43077fb575e 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -1,11 +1,15 @@
 # Be sure to restart your server when you modify this file.
 
+if ActiveRecord::Base.connection.active?  && ActiveRecord::Base.connection.table_exists?('application_settings')
+  Settings.gitlab['session_expire_delay'] = ApplicationSetting.current.session_expire_delay
+end
+
 Gitlab::Application.config.session_store(
   :redis_store, # Using the cookie_store would enable session replay attacks.
   servers: Gitlab::Application.config.cache_store[1].merge(namespace: 'session:gitlab'), # re-use the Redis config from the Rails cache store
   key: '_gitlab_session',
   secure: Gitlab.config.gitlab.https,
   httponly: true,
-  expire_after: ActiveRecord::Base.connected? && ActiveRecord::Base.connection.table_exists?('application_settings') ? ApplicationSetting.current.session_expire_seconds : Settings.gitlab['session_expire_seconds'],
+  expire_after: Settings.gitlab['session_expire_delay'] * 60,
   path: (Rails.application.config.relative_url_root.nil?) ? '/' : Rails.application.config.relative_url_root
-)
+)
\ No newline at end of file
-- 
cgit v1.2.3